Abstract
Computer networks form much of the infrastructure supporting day-to-day life in this digital age. Computer networks, however, are prone to attack and therefore require intrusion detection systems. Intrusion detection systems provide a mechanism to detect network attacks at an early stage and generate alerts. These systems, however, are far from a panacea. Rather, they tend to overwhelm their operators with alerts, which in more than 90% of cases can be false positives. As such, the problem of false positives in intrusion detection systems is a costly issue. This paper presents research to design and implement a hierarchical network intrusion detection system (NIDS), using deep learning, which protects against raising vast numbers of false positives. This paper presents a valuable advancement in performance by reducing the occurrence of false alarms by 87.52%. The research contained in this paper presents three contributions to knowledge. The first of these is the comparison between hierarchical systems and non-hierarchical systems to understand which would yield fewer false alarms. The second contribution is the formulation of a hierarchical approach, which was able to reduce false alarms by 87.52%. Lastly, the proposed hierarchical model was deployed in a live IoT environment, exposed to genuine threats, and the performance in this environment was analysed.
Original language | English |
---|---|
Article number | 200215 |
Pages (from-to) | 1-13 |
Number of pages | 13 |
Journal | Intelligent Systems with Applications |
Volume | 18 |
Early online date | 15 Mar 2023 |
Publication status | Published (in print/issue) - 31 May 2023 |
Bibliographical note
Funding Information: This research is supported by the BTIIC (British Telecom Ireland Innovation Centre) project, funded by BT and Invest Northern Ireland.
Publisher Copyright:
© 2023 The Author(s)
Keywords
- Deep Learning
- Machine Learning
- Network Intrusion
- Network Security